Most vms / cloud providers can provide a virtualized source of entropy to be mixed into the pool (google "virtio-rng"). Good OSs (like linux with the right virtio modules) will use that to have a high amount of entropy very early into boot. If that's what you're asking, then the answer is "yes, clouds have good urandom available, usually earlier than on real machines".
If instead you're asking "but can the cloud compromise me?" then the answer is "you're wrecked".
If you do not trust the hardware your vm is running on (be it real or virtual hardware), then you have no hope.
Any source of random numbers you read from will read those numbers into memory. The hypervisor or sufficiently-malicious-hardware will then be able to read your memory and get the data, even if it came from an hsm.
The "safe" choice is to trust that your hardware/hypervisor is not stealing such data.
If you can't trust that, you may have to start fabricating your own processors and running your own data-centres.
Be sure to hire better physical security than AWS has or else it's all for naught when someone comes in and yanks your memory to read it.
If instead you're asking "but can the cloud compromise me?" then the answer is "you're wrecked".
If you do not trust the hardware your vm is running on (be it real or virtual hardware), then you have no hope.
Any source of random numbers you read from will read those numbers into memory. The hypervisor or sufficiently-malicious-hardware will then be able to read your memory and get the data, even if it came from an hsm.
The "safe" choice is to trust that your hardware/hypervisor is not stealing such data.
If you can't trust that, you may have to start fabricating your own processors and running your own data-centres.
Be sure to hire better physical security than AWS has or else it's all for naught when someone comes in and yanks your memory to read it.